From 11c3b49e36030bec846be8eb638406ecee6f1a3b Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Fri, 15 Oct 2021 11:41:21 +0800 Subject: [PATCH] review file_contexts Bug: 203025336 Test: check if every path exists Change-Id: I156c4953a50d888e54249038b45992d134b4aaca --- aoc/file_contexts | 1 + legacy/file_contexts | 119 ---------------------------------- whitechapel_pro/file_contexts | 40 ++++++++++++ 3 files changed, 41 insertions(+), 119 deletions(-) diff --git a/aoc/file_contexts b/aoc/file_contexts index edd3ebb1..71fb097b 100644 --- a/aoc/file_contexts +++ b/aoc/file_contexts @@ -21,6 +21,7 @@ # AoC vendor binaries /vendor/bin/aocd u:object_r:aocd_exec:s0 /vendor/bin/aocdump u:object_r:aocdump_exec:s0 +/vendor/bin/hw/vendor\.google\.audiometricext@1\.0-service-vendor u:object_r:hal_audiometricext_default_exec:s0 # AoC audio files /vendor/etc/aoc(/.*)? u:object_r:aoc_audio_file:s0 diff --git a/legacy/file_contexts b/legacy/file_contexts index 0cfd17a2..af4bdea1 100644 --- a/legacy/file_contexts +++ b/legacy/file_contexts @@ -1,59 +1,3 @@ -# -# HALs -# -/(vendor|system/vendor)/bin/hw/android\.hardware\.boot@1\.[0-2]-service-gs201 u:object_r:hal_bootctl_default_exec:s0 -/(vendor|system/vendor)/bin/hw/android\.hardware\.dumpstate@1\.1-service\.gs201 u:object_r:hal_dumpstate_default_exec:s0 - -# -# Exynos Devices -# -/dev/bbd_pwrstat u:object_r:power_stats_device:s0 -/dev/tsmux u:object_r:video_device:s0 -/dev/repeater u:object_r:video_device:s0 -/dev/logbuffer_usbpd u:object_r:logbuffer_device:s0 -/dev/logbuffer_ssoc u:object_r:logbuffer_device:s0 -/dev/logbuffer_wireless u:object_r:logbuffer_device:s0 -/dev/logbuffer_ttf u:object_r:logbuffer_device:s0 -/dev/logbuffer_maxq u:object_r:logbuffer_device:s0 -/dev/logbuffer_rtx u:object_r:logbuffer_device:s0 -/dev/logbuffer_maxfg u:object_r:logbuffer_device:s0 -/dev/logbuffer_maxfg_base u:object_r:logbuffer_device:s0 -/dev/logbuffer_maxfg_flip u:object_r:logbuffer_device:s0 -/dev/logbuffer_pca9468_tcpm u:object_r:logbuffer_device:s0 - -# DM tools device - - -# SIPC RIL device -/dev/watchdog0 u:object_r:watchdog_device:s0 - -# GPU device -/dev/mali0 u:object_r:gpu_device:s0 - -/persist/sensorcal\.json u:object_r:sensors_cal_file:s0 - -# Camera -/vendor/lib64/camera u:object_r:vendor_camera_tuning_file:s0 -/vendor/lib64/camera/ghawb_para_lut\.bin u:object_r:vendor_camera_tuning_file:s0 -/vendor/lib64/camera/slider_.*\.binarypb u:object_r:vendor_camera_tuning_file:s0 -/mnt/vendor/persist/camera(/.*)? u:object_r:persist_camera_file:s0 -/data/vendor/camera(/.*)? u:object_r:vendor_camera_data_file:s0 - -/dev/stmvl53l1_ranging u:object_r:rls_device:s0 - -# VIDEO -/data/vendor/media(/.*)? u:object_r:vendor_media_data_file:s0 - -# IMS VoWiFi -/data/vendor/misc(/.*)? u:object_r:vendor_misc_data_file:s0 -/data/vendor/VoWiFi(/.*)? u:object_r:vendor_ims_data_file:s0 - -# Sensors -/data/vendor/sensor(/.*)? u:object_r:sensor_vendor_data_file:s0 - -# Contexthub -/vendor/bin/hw/android\.hardware\.contexthub-service\.generic u:object_r:hal_contexthub_default_exec:s0 - # Bluetooth /(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.1-service\.bcmbtlinux u:object_r:hal_bluetooth_btlinux_exec:s0 /dev/wbrc u:object_r:wb_coexistence_dev:s0 @@ -61,66 +5,3 @@ /dev/logbuffer_btlpm u:object_r:logbuffer_device:s0 /dev/logbuffer_tty16 u:object_r:logbuffer_device:s0 -# AudioMetric -/(vendor|system/vendor)/bin/hw/vendor\.google\.audiometricext@1\.0-service-vendor u:object_r:hal_audiometricext_default_exec:s0 - - -# Trusty -/vendor/bin/securedpud.slider u:object_r:securedpud_slider_exec:s0 -/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0 -/vendor/bin/hw/android\.hardware\.security\.keymint-service\.trusty u:object_r:hal_keymint_default_exec:s0 -/dev/trusty-log0 u:object_r:logbuffer_device:s0 - -# GRIL -/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0 - -# Vendor_kernel_modules -/vendor_dlkm/lib/modules/.*\.ko u:object_r:vendor_kernel_modules:s0 - -# Display -/mnt/vendor/persist/display(/.*)? u:object_r:persist_display_file:s0 - -# Touch -/dev/touch_offload u:object_r:touch_offload_device:s0 - -# Zram -/data/per_boot(/.*)? u:object_r:per_boot_file:s0 - -# sensor direct DMA-BUF heap -/dev/dma_heap/sensor_direct_heap u:object_r:sensor_direct_heap_device:s0 - -# Console -/dev/ttySAC0 u:object_r:tty_device:s0 - -# faceauth DMA-BUF heaps -/dev/dma_heap/faceauth_tpu-secure u:object_r:faceauth_heap_device:s0 -/dev/dma_heap/faimg-secure u:object_r:faceauth_heap_device:s0 -/dev/dma_heap/famodel-secure u:object_r:faceauth_heap_device:s0 -/dev/dma_heap/faprev-secure u:object_r:faceauth_heap_device:s0 -/dev/dma_heap/farawimg-secure u:object_r:faceauth_heap_device:s0 - -# vframe-secure DMA-BUF heap -/dev/dma_heap/vframe-secure u:object_r:vframe_heap_device:s0 - -# vscaler-secure DMA-BUF heap -/dev/dma_heap/vscaler-secure u:object_r:vscaler_heap_device:s0 - -# vstream-secure DMA-BUF heap -/dev/dma_heap/vstream-secure u:object_r:dmabuf_system_secure_heap_device:s0 - -# BigOcean -/dev/bigocean u:object_r:video_device:s0 - -# Fingerprint -/dev/goodix_fp u:object_r:fingerprint_device:s0 - -# -# USF SELinux file security contexts. -# - -# Sensor registry persist files. -/mnt/vendor/persist/sensors/registry(/.*)? u:object_r:persist_sensor_reg_file:s0 - -# Sensor registry data files. -/data/vendor/sensors/registry(/.*)? u:object_r:sensor_reg_data_file:s0 - diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts index 34cfef97..c7c26a4b 100644 --- a/whitechapel_pro/file_contexts +++ b/whitechapel_pro/file_contexts @@ -18,6 +18,12 @@ /vendor/bin/usf_stats u:object_r:vendor_usf_stats:s0 /vendor/bin/usf_reg_edit u:object_r:vendor_usf_reg_edit:s0 /vendor/bin/dumpsys u:object_r:vendor_dumpsys:s0 +/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0 +/vendor/bin/hw/android\.hardware\.security\.keymint-service\.trusty u:object_r:hal_keymint_default_exec:s0 +/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0 +/vendor/bin/hw/android\.hardware\.contexthub-service\.generic u:object_r:hal_contexthub_default_exec:s0 +/vendor/bin/hw/android\.hardware\.boot@1\.2-service-gs201 u:object_r:hal_bootctl_default_exec:s0 +/vendor/bin/hw/android\.hardware\.dumpstate@1\.1-service\.gs201 u:object_r:hal_dumpstate_default_exec:s0 /vendor/bin/hw/samsung\.hardware\.media\.c2@1\.0-service u:object_r:mediacodec_samsung_exec:s0 /vendor/bin/hw/google\.hardware\.media\.c2@1\.0-service u:object_r:mediacodec_google_exec:s0 /vendor/bin/hw/android\.hardware\.secure_element@1\.2-service-gto u:object_r:hal_secure_element_gto_exec:s0 @@ -34,7 +40,35 @@ # Vendor Firmwares /vendor/firmware(/.*)? u:object_r:vendor_fw_file:s0 +# Vendor kernel modules +/vendor_dlkm/lib/modules/.*\.ko u:object_r:vendor_kernel_modules:s0 + # Devices +/dev/trusty-log0 u:object_r:logbuffer_device:s0 +/dev/dma_heap/sensor_direct_heap u:object_r:sensor_direct_heap_device:s0 +/dev/ttySAC0 u:object_r:tty_device:s0 +/dev/dma_heap/faceauth_tpu-secure u:object_r:faceauth_heap_device:s0 +/dev/dma_heap/faimg-secure u:object_r:faceauth_heap_device:s0 +/dev/dma_heap/famodel-secure u:object_r:faceauth_heap_device:s0 +/dev/dma_heap/faprev-secure u:object_r:faceauth_heap_device:s0 +/dev/dma_heap/farawimg-secure u:object_r:faceauth_heap_device:s0 +/dev/dma_heap/vframe-secure u:object_r:vframe_heap_device:s0 +/dev/dma_heap/vscaler-secure u:object_r:vscaler_heap_device:s0 +/dev/dma_heap/vstream-secure u:object_r:dmabuf_system_secure_heap_device:s0 +/dev/bigocean u:object_r:video_device:s0 +/dev/goodix_fp u:object_r:fingerprint_device:s0 +/dev/touch_offload u:object_r:touch_offload_device:s0 +/dev/stmvl53l1_ranging u:object_r:rls_device:s0 +/dev/watchdog0 u:object_r:watchdog_device:s0 +/dev/mali0 u:object_r:gpu_device:s0 +/dev/logbuffer_usbpd u:object_r:logbuffer_device:s0 +/dev/logbuffer_ssoc u:object_r:logbuffer_device:s0 +/dev/logbuffer_wireless u:object_r:logbuffer_device:s0 +/dev/logbuffer_ttf u:object_r:logbuffer_device:s0 +/dev/logbuffer_maxq u:object_r:logbuffer_device:s0 +/dev/logbuffer_rtx u:object_r:logbuffer_device:s0 +/dev/logbuffer_maxfg u:object_r:logbuffer_device:s0 +/dev/bbd_pwrstat u:object_r:power_stats_device:s0 /dev/lwis-act-ak7377 u:object_r:lwis_device:s0 /dev/lwis-act-ak7377-imx386 u:object_r:lwis_device:s0 /dev/lwis-act-sem1215sa u:object_r:lwis_device:s0 @@ -127,11 +161,17 @@ /data/nfc(/.*)? u:object_r:nfc_data_file:s0 /data/vendor/firmware/wifi(/.*)? u:object_r:updated_wifi_firmware_data_file:s0 /data/vendor/tcpdump_logger(/.*)? u:object_r:tcpdump_vendor_data_file:s0 +/data/vendor/camera(/.*)? u:object_r:vendor_camera_data_file:s0 +/data/vendor/media(/.*)? u:object_r:vendor_media_data_file:s0 +/data/vendor/misc(/.*)? u:object_r:vendor_misc_data_file:s0 +/data/per_boot(/.*)? u:object_r:per_boot_file:s0 +/data/vendor/sensors/registry(/.*)? u:object_r:sensor_reg_data_file:s0 # Persist /mnt/vendor/persist/modem(/.*)? u:object_r:persist_modem_file:s0 /mnt/vendor/persist/ss(/.*)? u:object_r:persist_ss_file:s0 /mnt/vendor/persist/battery(/.*)? u:object_r:persist_battery_file:s0 +/mnt/vendor/persist/sensors/registry(/.*)? u:object_r:persist_sensor_reg_file:s0 # Extra mount images /mnt/vendor/modem_img(/.*)? u:object_r:modem_img_file:s0